Help to simplify QoS rules

Discussion in 'Tomato Firmware' started by davidh44, May 1, 2012.

  1. davidh44

    davidh44 Addicted to LI Member

    I read through some of Toastman's QoS guide, and it's admittedly over my head. Can someone help me come up with as simple of QoS rules for my limited needs?

    Tomato Toastman 1.28.7498.1
    DSL actual speed: 2920kbps/725kbps

    1. Limit guest WiFi SSID to 1mbps/128kbps (no bw limiter option in this firmware)

    2. Give 3 IP phones highest priority - it is not frequently that all 3 phones will be on simultaneous calls, so ability to prioritize for 2 simultaneous G711 calls (190kbps?) would be enough. IP phones have ability to tag packets, but I think specifying by IP/MAC address would be simpler?

    3. I don't want P2P/gaming occurring on either private network or guest WiFi, so can downgrade those things if it doesn't add to the complication.

    I view D-Link network cameras remotely and use Logmein remote control, so would like to preserve as much upload bandwidth as possible (i.e. would rather err on the side of setting upload limit too high).

    Thank you!
  2. rs232

    rs232 Network Guru Member

    Under classification define the protocols first:


    1) match the guest SSID IP class (or whatever you are using)
    TCP/UDP src/dst and assign to e.g. class2

    2) match layer7 sip or even better port based in my experience!
    and assign to e.g. class1

    3) just use access restriction for this (instead of QoS) and match all IPP2P traffic SRC/DST guest SSID IP range.

    Once the protocols have been assigned to a class go into basic settings and reserve/limit bandwidth accordingly. Note you must have the correct values under -Max Bandwidth Limit- for both Inbound and Outbound.

    Just as a starting point, you'll surely need to tweak something else once it's up and running. Try first
  3. BikeHelmet

    BikeHelmet Addicted to LI Member

    1) Change your DHCP range to something like: - That range is a /27 subnet

    If you enter in an IP within that range and set the Mask properly, it tells you the full range of IPs that can be handed out.

    If your router isn't, adjust accordingly. (For, the range would be; you could do smaller ranges too (a /28) depending on how many DHCP/WiFi clients/devices you plan to have connected, or you could use another subnet range. ( for example is -

    2) Setup QOS so one of the lowest classes only gets some of your bandwidth (50%?) Make a new rule for Src IP: and drop it to that priority.
    3) Assign static DHCP IPs outside the DHCP range to all your PCs and devices. (ex:
    4) Prioritize your IP phones by IP. It doesn't matter how much bandwidth you allocate to the class, as long as the minimum is high enough for all three being in simultaneous use, and as long as the class is above all the rest.
    5) P2P is hard to prioritize. The best you can do is catch stuff like HTTP (port 80), email, etc. and prioritize it higher, then have a lower Default priority which P2P and gaming fall into.
    6) Likewise, you'll have to look up the ports for LogMeIn and prioritize it higher. If you do, then it shouldn't have any trouble taking bandwidth when it needs it.

    I'd like to verify that your limits are set correctly - you can download at 365KB/sec and upload at 90KB/sec? Do you want a highly responsive connection, or do you want to utilize all your bandwidth? You can't maintain great ping if you use all your bandwidth, so you'll have to decide and experiment to find out what works best for you. With 3 VOIP phones, I highly recommend opting for good ping.

    Gamers and VOIP use my connection, so I try to ensure everyone/everything gets alright pings. The tradeoff is max bandwidth, because in the words of the wise Toastman - if your ISP's downstream buffers get clogged, you've lost. You have no control over those buffers, so you have to try to stop them from getting clogged by throttling your downstream. Upstream (on the other hand) you have plenty of control over, so you can push it slightly closer. (unless available bandwidth varies)

    To find good limits for low ping, torture test your connection and take note of what speeds you get.

    Whatever you get (350KB/sec, etc.) multiply by 8 (2800kbit), then drop that by 15% (2380kbit)
    Same for upstream (82KB/sec, etc.) multiply by 8 (656kbit), then drop that by 15% (560kbit)

    Run pings to google for a while (from cmdline), while doing stuff like heavy downloads, uploads, running LogMeIn, looking at webcams, etc.
    ping -n 200

    I found that without that 15% buffer on downstream, if I started to download something (a program off FileHippo, a Steam game, etc.) then pings would go up to about 90-100ms avg with spikes into the 300-400's. With that 15% buffer they averaged only 60ms and went up to about 90ms. The worst was better than the average used to be. That really helped my VOIP a lot.

    I had upstream far closer to my bandwidth limit until I realized line noise when raining was causing issues. Occasionally my bandwidth will go spikey (64KB/sec for a few seconds, then drop down to ~40KB/sec for a few more) - ultimately I dropped my upstream speed because I value stability more than how quickly I can upload a youtube video or other file.

    Anyway, all the above should get you started. Hope it helped. :)
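
Added example, not part of BikeHelmet's post: the limit arithmetic and ping comparison described above, as a small Python helper. The function names, the constructed ping samples and the `spike_factor` threshold are assumptions made for illustration.

```python
import re

def shaped_limit_kbit(measured_kbytes_per_sec, headroom_pct=15):
    """Torture-test throughput in KB/s -> QoS max bandwidth limit in kbit/s."""
    kbit = measured_kbytes_per_sec * 8
    return kbit * (100 - headroom_pct) // 100  # integer floor, never rounds up

def summarize_ping(output):
    """Summarize Windows `ping -n` output: replies, losses, average and worst RTT."""
    times = [int(t) for t in re.findall(r"time[=<](\d+)ms", output)]
    return {
        "replies": len(times),
        "lost": output.count("Request timed out"),
        "avg_ms": sum(times) / len(times) if times else None,
        "max_ms": max(times) if times else None,
    }

def latency_ok(idle, loaded, spike_factor=3):
    """Assumed rule of thumb: no loss, and worst RTT under load stays within
    spike_factor times the idle average."""
    if loaded["lost"] or loaded["max_ms"] is None:
        return False
    return loaded["max_ms"] <= spike_factor * idle["avg_ms"]

# Constructed sample output (203.0.113.10 is a documentation address).
IDLE = """Reply from 203.0.113.10: bytes=32 time=58ms TTL=55
Reply from 203.0.113.10: bytes=32 time=61ms TTL=55
Reply from 203.0.113.10: bytes=32 time=60ms TTL=55
Reply from 203.0.113.10: bytes=32 time=59ms TTL=55
"""
LOADED = """Reply from 203.0.113.10: bytes=32 time=92ms TTL=55
Reply from 203.0.113.10: bytes=32 time=340ms TTL=55
Reply from 203.0.113.10: bytes=32 time=101ms TTL=55
Request timed out.
Reply from 203.0.113.10: bytes=32 time=95ms TTL=55
"""

if __name__ == "__main__":
    print("down limit:", shaped_limit_kbit(350), "kbit/s")
    print("up limit:", shaped_limit_kbit(82), "kbit/s")
    idle, loaded = summarize_ping(IDLE), summarize_ping(LOADED)
    print("idle:", idle)
    print("loaded:", loaded)
    print("limit holds under load:", latency_ok(idle, loaded))
```

The upstream result is 557 kbit/s because the helper floors the value, where the post rounds it to 560.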